|
| 1 | +// Module included in the following assemblies: |
| 2 | +// * assembly/networking |
| 3 | + |
| 4 | +[id='networking-ne-openshift-dns-{context}'] |
| 5 | += {product-title} DNS |
| 6 | + |
| 7 | +If you are running multiple services, such as frontend and backend services for |
| 8 | +use with multiple pods, environment variables are created for user names, |
| 9 | +service IPs, and more so the frontend pods can communicate with the backend |
| 10 | +services. If the service is deleted and recreated, a new IP address can be |
| 11 | +assigned to the service, and requires the frontend pods to be recreated to pick |
| 12 | +up the updated values for the service IP environment variable. Additionally, the |
| 13 | +backend service has to be created before any of the frontend pods to ensure that |
| 14 | +the service IP is generated properly, and that it can be provided to the |
| 15 | +frontend pods as an environment variable. |
| 16 | + |
| 17 | +For this reason, {product-title} has a built-in DNS so that the services can be |
| 18 | +reached by the service DNS as well as the service IP/port. {product-title} |
| 19 | +supports split DNS by running SkyDNS on the master that answers |
| 20 | +DNS queries for services. The master listens to port 53 by default. |
| 21 | + |
| 22 | +When the node starts, the following message indicates the Kubelet is correctly |
| 23 | +resolved to the master: |
| 24 | + |
| 25 | +---- |
| 26 | +0308 19:51:03.118430 4484 node.go:197] Started Kubelet for node |
| 27 | +openshiftdev.local, server at 0.0.0.0:10250 |
| 28 | +I0308 19:51:03.118459 4484 node.go:199] Kubelet is setting 10.0.2.15 as a |
| 29 | +DNS nameserver for domain "local" |
| 30 | +---- |
| 31 | + |
| 32 | +If the second message does not appear, the Kubernetes service may not be available. |
| 33 | + |
| 34 | +On a node host, each container's nameserver has the master name added to the |
| 35 | +front, and the default search domain for the container will be |
| 36 | +`._<pod_namespace>_.cluster.local`. The container will then direct any |
| 37 | +nameserver queries to the master before any other nameservers on the node, which |
| 38 | +is the default behavior for Docker-formatted containers. The master will answer |
| 39 | +queries on the `.cluster.local` domain that have the following form: |
| 40 | + |
| 41 | +.DNS Example Names |
| 42 | +[cols=".2,.^5,8",options="header"] |
| 43 | +|=== |
| 44 | + |
| 45 | +|Object Type |Example |
| 46 | + |
| 47 | +|Default |
| 48 | +|<pod_namespace>.cluster.local |
| 49 | + |
| 50 | +|Services |
| 51 | +|<service>.<pod_namespace>.svc.cluster.local |
| 52 | + |
| 53 | +|Endpoints |
| 54 | +|<name>.<namespace>.endpoints.cluster.local |
| 55 | +|=== |
| 56 | + |
| 57 | +This prevents having to restart frontend pods in order to pick up new services, |
| 58 | +which would create a new IP for the service. This also removes the need to use |
| 59 | +environment variables, because pods can use the service DNS. Also, as the DNS |
| 60 | +does not change, you can reference database services as `db.local` in |
| 61 | +configuration files. Wildcard lookups are also supported, because any lookups |
| 62 | +resolve to the service IP, and removes the need to create the backend service |
| 63 | +before any of the frontend pods, since the service name (and hence DNS) is |
| 64 | +established upfront. |
| 65 | + |
| 66 | +This DNS structure also covers headless services, where a portal IP is not |
| 67 | +assigned to the service and the kube-proxy does not load-balance or provide |
| 68 | +routing for its endpoints. Service DNS can still be used and responds with |
| 69 | +multiple A records, one for each pod of the service, allowing the client to |
| 70 | +round-robin between each pod. |
| 71 | + |
| 72 | +.Additional resources |
| 73 | +* link:https://github.com/skynetservices/skydns[SkyDNS] |
0 commit comments